📰 DAILY THREAT BRIEFING
Saturday, May 16, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of May 16, 2026.

  1. The Boring Stuff is Dangerous Now
    — Dark Reading

    AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentia…
  2. Funnel Builder WordPress plugin bug exploited to steal credit cards
    — Bleeping Computer

    A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into…
  3. Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
    — Bleeping Computer

    During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabi…
  4. Popular node-ipc npm package compromised to steal credentials
    — Bleeping Computer

    Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, …
  5. Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
    — The Hacker News

    The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet…
  6. Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
    — The Hacker News

    Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege esc…
  7. Cyber Pioneers Ponder Past as Prologue
    — Dark Reading

    Robert "RSnake" Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for…
  8. What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
    — The Hacker News

    In Your Biggest Security Risk Isn't Malware — It's What You Already Trust, we made a simple argument: the most dangerous activity inside m…
  9. Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
    — Unit 42

    Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromi…
  10. [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
    — SANS ISC

  11. ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  12. Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
    — Dark Reading

    A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an ant…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (6388 in last 30 days).
Critical: 0 · High: 9 · Medium: 10 · Low: 1.

  1. CVE-2026-45667
    — CVSS 6.5 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.app.state.EMBEDDING_FUN…
  2. CVE-2026-45666
    — CVSS 6.5 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowing authenticated users…
  3. CVE-2026-45665
    — CVSS 8.1 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due to an improper sanit…
  4. CVE-2026-45365
    — CVSS 5.4 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypass_filter parameter is exposed on the /openai/chat/completions and /ollama/api/chat…
  5. CVE-2026-45351
    — CVSS 6.5 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user [non-admin] logs into the application, a http://IP:8080/api/models? web request is in…
  6. CVE-2026-45350
    — CVSS 7.1 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, pote…
  7. CVE-2026-45347
    — CVSS 4.3 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is a blind server side request forgery (SSRF) via the PDF generate function. In the PDF export, us…
  8. CVE-2026-45345
    — CVSS 6.5 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can modify another user's model even if its visibility is set to Private. By changing the access p…
  9. CVE-2026-45338
    — CVSS 7.7 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery (SSRF) vulnerability exists in _process_picture_url() in backend/open_webui…
  10. CVE-2026-45318
    — CVSS 5.4 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, this advisory tracks a regression of the original Excel-preview XSS (CVE-2026-44549). The same root cause …
  11. CVE-2026-45317
    — CVSS 4.6 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, an application-wide Cross-Site Request Forgery (CSRF) vulnerability was found in Open-WebUI's image uploadin…
  12. CVE-2026-45316
    — CVSS 3.5 (LOW)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the POST /api/v1/notes/{id}/pin endpoint performs a write operation (toggling the is_pinned field) but on…
  13. CVE-2026-45315
    — CVSS 8.7 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and save…
  14. CVE-2026-45303
    — CVSS 7.7 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend provides a function t…
  15. CVE-2026-45301
    — CVSS 8.1 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission check in all files related API endpoints allows any authenticated user to list, acc…
  16. CVE-2026-45299
    — CVSS 5.4 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, the profile_image_url field on the user profile update form accepted arbitrary data: URI values without M…
  17. CVE-2026-44571
    — CVSS 6.5 (MEDIUM)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels (i.e., channels whose channel.type is neither group nor dm), the endpoint POST /api/…
  18. CVE-2026-44570
    — CVSS 8.3 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a sta…
  19. CVE-2026-44569
    — CVSS 7.1 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, there's an IDOR in the channels message management system that allows authenticated users to modify or d…
  20. CVE-2026-44567
    — CVSS 7.3 (HIGH)

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when …

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · May 16, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com